Is there a patch available for CVE-2026-41933?

Yes, a patch is available for CVE-2026-41933. Update the affected software to the latest version immediately.

Vvveb CVE-2026-41933

Q: What is the CVSS score of CVE-2026-41933?

CVE-2026-41933 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-30294 MEDIUM

Exposure of Information Through Directory Listing (CWE-548)

2026-05-14 disclosure@vulncheck.com

GHSA-f8fj-4vvj-89gh

Information Disclosure

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Patch available

May 14, 2026 - 16:01 EUVD

Source Code Evidence Fetched

May 14, 2026 - 15:33 vuln.today

Analysis Generated

May 14, 2026 - 15:33 vuln.today

CVE Published

May 14, 2026 - 15:16 nvd

MEDIUM 6.9

DescriptionNVD

Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths lacking proper index directives in .htaccess files. Attackers can access directories such as admin asset paths, plugins, themes, and media folders to view filenames, file sizes, modification timestamps, and unrendered admin templates containing sensitive route maps.

AnalysisAI

Vvveb before 1.0.8.3 allows unauthenticated remote attackers to enumerate sensitive files and directories through directory listing information disclosure. Multiple directories including admin, plugins, themes, and media folders lack proper index directives in .htaccess files, permitting attackers to view filenames, file sizes, modification timestamps, and unrendered admin templates that expose sensitive route maps. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-41933 vulnerability details – vuln.today

Back

Vvveb CVE-2026-41933

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

Vvveb CVE-2026-41933

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code